PKnoISecurityModule (ePOST - API Specifications)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

ePOST API

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

rice.post.security.pknoi
Class PKnoISecurityModule

java.lang.Object
  java.util.Observable
      rice.post.PostClient
          rice.post.security.pknoi.PKnoISecurityModule

All Implemented Interfaces:: SecurityModule

public class PKnoISecurityModule
extends PostClient
implements SecurityModule

This class is the security module which implements the PKnoI (web of trust) based security system.

Version:: $Id: PKnoISecurityModule.java 2047 2004-09-04 05:32:02Z amislove $
Author:: amislove

Field Summary
`static java.lang.String`	`MODULE_NAME` The name of the module

Constructor Summary
`PKnoISecurityModule(Post post)` Constructor for PKnoISecurityModule.

Method Summary
`void`	`addPrivate(PKnoIPostCertificate cert, Continuation command)` This method should be called when this user wishes to record a non-verified certificate for later use.
`void`	`addPublic(PKnoIPostCertificate cert, Continuation command)` This method should be called when this user wishes to "vouch" for the user with the provided certificate.
`boolean`	`canVerify(PostCertificate certificate)` This method returns whether or not this module is able to verify the given certificate.
`void`	`findChains(PKnoIPostCertificate source, PKnoIPostCertificate destination, int len, Continuation command)` This method will attempt to find all chains of length up to len, and return a PKnoIChain[] to the continuation once all chains have been completed.
`static PKnoIPostCertificate`	`generate(PostUserAddress address, java.security.PublicKey key)` Static method for generating a ceritificate from a user and public key
`void`	`getContentHashReferences(Continuation command)` This method is periodically invoked by Post in order to get a list of all handles under which the application has live objects.
`void`	`getLogs(Continuation command)` This method is periodically invoked by Post in order to get a list of all mutable data which the application is interested in.
`java.lang.String`	`getName()` Gets the unique name of the SecurityModule object
`void`	`notificationReceived(NotificationMessage nm, Continuation command)` This method is how the Post object informs the clients that there is an incoming notification.
`void`	`verify(PostCertificate certificate, Continuation command)` This method verifies the provided ceritifcate, and returns the result to the continuation (either True or False).

Methods inherited from class rice.post.PostClient
`getAddress`

Methods inherited from class java.util.Observable
`addObserver, clearChanged, countObservers, deleteObserver, deleteObservers, hasChanged, notifyObservers, notifyObservers, setChanged`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

MODULE_NAME

public static java.lang.String MODULE_NAME

The name of the module

Constructor Detail

PKnoISecurityModule

public PKnoISecurityModule(Post post)

Constructor for PKnoISecurityModule.

Parameters:: post - The local post service

Method Detail

generate

public static PKnoIPostCertificate generate(PostUserAddress address,
                                            java.security.PublicKey key)

Static method for generating a ceritificate from a user and public key

Parameters:: address - The address of the user; key - The public key of the user

Returns:

A certificate for the user

Throws:

java.lang.SecurityException - If the certificate generation has a problem

getName

public java.lang.String getName()

Gets the unique name of the SecurityModule object

Specified by:: getName in interface SecurityModule

Returns:: The Name value

canVerify

public boolean canVerify(PostCertificate certificate)

This method returns whether or not this module is able to verify the given certificate.

Specified by:: canVerify in interface SecurityModule

Parameters:: certificate - The certificate in question
Returns:: Whether or not this module can verify the certificate

verify

public void verify(PostCertificate certificate,
                   Continuation command)
            throws java.lang.SecurityException

This method verifies the provided ceritifcate, and returns the result to the continuation (either True or False).

Specified by:: verify in interface SecurityModule

Parameters:: certificate - The certificate to verify; command - The command to run once the result is available

Throws:

java.lang.SecurityException - If the certificate verification has a problem

notificationReceived

public void notificationReceived(NotificationMessage nm,
                                 Continuation command)

This method is how the Post object informs the clients that there is an incoming notification. This should never be called on the PKnoI client.

Specified by:: notificationReceived in class PostClient

Parameters:: nm - The incoming notification.; command - THe command to return whether or not the notification should be accepted (Boolean true or false)

getContentHashReferences

public void getContentHashReferences(Continuation command)

This method is periodically invoked by Post in order to get a list of all handles under which the application has live objects. This used to implement the garbage collection service, thus, the application must ensure that all data which it is still interested in is returned. The applications should return a PastContentHandle[] containing all of the handles The application is still interested in to the provided continatuion.

Specified by:: getContentHashReferences in class PostClient

getLogs

public void getLogs(Continuation command)

This method is periodically invoked by Post in order to get a list of all mutable data which the application is interested in. The applications should return a Log[] containing all of the data The application is still interested in to the provided continatuion.

Specified by:: getLogs in class PostClient

findChains

public void findChains(PKnoIPostCertificate source,
                       PKnoIPostCertificate destination,
                       int len,
                       Continuation command)

This method will attempt to find all chains of length up to len, and return a PKnoIChain[] to the continuation once all chains have been completed. Note that performing this method for length longer than 3 or 4 is not recommended, as the algorithm is DFS and is of O(e^len).

Parameters:: destination - the certificate to look for; source - The starting user; len - The maximum chains length to find; command - The command to return the result o

addPublic

public void addPublic(PKnoIPostCertificate cert,
                      Continuation command)

This method should be called when this user wishes to "vouch" for the user with the provided certificate. This should *ONLY* be called if the user has estabilished this user's identity through out-of-band means. Note that other users added this way will be visible to the world, and is considered an affirmation of the user.

Parameters:: cert - The certificate to vouch for; command - The command to run with the success/failure

addPrivate

public void addPrivate(PKnoIPostCertificate cert,
                       Continuation command)

This method should be called when this user wishes to record a non-verified certificate for later use. This users are hidden from the rest of the world.

Parameters:: cert - The certificate to add; command - The command to run with the success/failure